PRIVACY POLICY
TERMS OF USE
PRIVACY POLICY
|
I. Who Are We?
Grassy Sprain Group, Inc. and its affiliates (the
"Company"), headquartered in Boca Raton, Florida, U.S.A., specializes
in the purchase of distressed consumer and commercial receivables. If you have
any questions or comments about this Privacy Policy or our practices, please
contact us as follows: Grassy Sprain Group, Inc. 9858 Clint Moore Rd., Ste
C-11; #217 Boca Raton, FL 33496 (800) 937-8068 info@purchasedebt.com
A. Who And What Is Covered by This Privacy
Policy?
This Privacy Policy describes the Company's
policies and practices regarding its collection and use of your personal data,
and sets forth your privacy rights. This Privacy Policy applies both to the
Company's online information gathering and dissemination practices for this
website (the "Site"), and information collected or received offline,
whether directly from you or from other sources. If you have arrived at this
Privacy Policy by clicking through a link on our Site, or by searching for or
clicking on a link directing you to any page of our Site, then this Privacy
Policy applies to you. When you use the Site, you consent to the use of your
information in the manner specified in this Privacy Policy. This policy may
change periodically, as we undertake new personal data practices or adopt new
privacy policies, so please check back from time to time. By your continued use
of the Site, you consent to the terms of the revised policy. Use of our Site is
strictly limited to persons who are of legal age in the jurisdictions in which
they reside. You must be at least eighteen (18) years of age to use our Site.
If you are not at least 18 years of age, please do not use or provide any
information through this Site. This Privacy Policy does not apply to any
website owned and/or operated by or on behalf of any other entity, even if our
Site posts a link to those other websites and you click through from our Site.
To the extent that you visit and/or disclose information through other sites,
you are subject to the privacy policies and practices of those sites.
I. What Personal Information Does the Company
Collect, From Where, And Why?
The following is a description of: (i) the categories of personal information
the Company may have collected in the preceding 12 months; (ii) the sources
from which we may have collected it; and (iii) the business purposes for which
we may have collected it.
A. Information We Do NOT Knowingly Collect.
We do not knowingly solicit, collect, or receive information from or about
minors (under the age of 16).
B. Information You Provide Directly.
You may choose to voluntarily submit or otherwise disclose Personal Information
to us (e.g., name, address, email address, telephone number, date of birth,
social security number, account numbers, financial information, card payment
information, or banking information, etc.). That information - whether
submitted or disclosed through the various "Contact Us" options on
the Site, by mail, e-mail, or telephone, and whether the purpose for your
submission is to inquire about your account or our services, make a payment, or
apply for employment, etc. - is governed by this Privacy Policy. If you
initiate contact or correspond with us, we may keep a record of your contact
information and correspondence, whether oral or written, and we reserve the
right to use your contact information, and any other information that you
provide to us in your message, to respond thereto, optimize customer service,
or attempt to resolve your request or inquiry. Thus, we may use the information
you provide to further correspond with you or to accept payment on or otherwise
manage your account. If you wish to change or correct any information
voluntarily submitted to us, please do so by contacting us in the manner
described below. Please note that your communications with us are with a debt
collector, in an attempt to collect a debt. Any information obtained will be
used for that purpose.
C. Information from Third Parties Acting on Your Behalf.
The Company may receive and maintain Personal Information (e.g., name, address,
telephone number, email address, date of birth, social security number, account
numbers, financial information, court records, etc.) contained in
communications with someone other than you, such as your spouse, power of
attorney, attorney, or other authorized representative, in connection with the
collection of any debt.
D. Information We Receive from Clients and Sellers.
We receive and maintain Personal Information contained in the accounts
receivable within the portfolios that we purchase or service, including credit
issuers, creditors, and accounts receivable portfolio owners. This information
may include a name, date of birth, social security number, information
contained on credit applications, the original creditor's account number,
employment information, court records, the balance of the account at the time
of sale, and the last date a payment was received on an account, etc. We use
this information to seek the collection and recovery of accounts receivable, to
fulfill responsibilities to our clients, and to analyze potential portfolio
purchases. Personal Information that we receive from sellers, as part of due
diligence, is shared with us confidentially for the purpose of analyzing a
potential purchase and is subject to a nondisclosure agreement or other
confidentiality obligation that prohibits us or our representatives from
further disclosing or using the information for any other purpose.
E. Information We Receive from Our Service Providers.
The Company may receive and maintain Personal Information from our Service
Providers. Service Providers are persons or entities that we contract with to
provide a material service in connection with the recovery of accounts. This
may include, for example, location service providers, attorneys, collections
agencies, letter vendors, and data service providers that scrub information.
Information that we typically may receive includes residential address, phone
numbers, bankruptcy activity, military status, death or probate status, credit
information, court records, payment records, and correspondence or call
recordings with consumers.
F. Information We Receive from Credit Reporting Bureaus.
We receive and maintain Personal Information provided by one or more of the
major Credit Reporting Bureaus. We use this information in connection with
receivables management and recovery services and to assist with fulfilling
obligations to our clients.
G. Information Automatically Collected by Use of This Site
Our Site automatically collects certain information during a user's visit to
the Site. The information may include internet protocol (IP) addresses of your
device, the location where the device is accessing the internet, browser type,
operating system and other information about the usage of the Site, including a
history of pages viewed. We use this information to improve the Site's design,
estimate user volume and usage patterns, speed up searches, and improve the
user experience by customizing options and recognizing return users. We may
also use this information to help diagnose problems with our server and to
administer our website, analyze trends, track visitor movements, and gather
broad demographic information that assists us in identifying visitor
preferences. More specifically: (i) IP Address Each time a user visits the
Site; we may automatically collect an internet protocol (IP) address and the
web page from which the user was directed to the Site. In order to administer
and optimize the Site and to diagnose and resolve potential issues or security
threats to our Site or to the Company, we may use an IP address to help
identify users and to gather broad demographic information about them. (ii)
Cookies, Pixel Tags, And Web Beacons Cookies (browser or flash) are small files
that a site or its service provider transfers to a user's device through the
web browser (if you allow) that enables the site's or service provider's
systems to recognize the browser and capture and remember certain information.
We use cookies to optimize Site functionality and improve a user's experience
while navigating through the Site. Most or all browsers permit you to disable
or reject cookies. You can do this by adjusting your preferences in the
browser. You can also click on the "Cookies Settings" banner at the
bottom of the Site and adjust Cookie Settings to accept or reject certain
cookies used by our Site. Our Site may incorporate "pixel tags,"
"web beacons," or similar tracking technologies (collectively,
"pixel tags") that track the actions of Site users. Pixel tags are
used to collect information, such as the internet service provider, IP address,
the type of browser software and operating system being used, the date and time
the Site is accessed, the website address, if any, from which a user linked
directly to the Site and/or the website address, if any, to which the user
travels from the Site and other similar traffic-related information. We may
aggregate information collected from Site visits by various users to help us
improve the Site and the services that we provide through the Site. (iii) Do
Not Track Our Site tracks when visitors enter through a marketing landing page.
The Site also keeps a record of third-party websites accessed when a user is on
our Site and clicks on a hyperlink. But we do not track users to subsequent
sites and do not serve targeted advertising to them. (iv) Analytics Information
Web servers for the Site may gather anonymous navigational information about
where visitors go on our Site and information about the technical efficiencies
of our Site and services. Anonymous information does not directly or indirectly
identify, and cannot reasonably be used to identify, a particular individual.
Examples of anonymous information may include certain information about the
internet browser, domain type, service provider and IP address information
collected through tracking technologies and aggregated or de-identified data.
We use anonymous analytics information to operate, maintain, and provide to you
the features and functionality of the Site.
IV. What Personal Information Do We Share with Others?
A. We Do Not Sell Personal Information to Third Parties for their Own Use.
The Company does not sell to third-parties for their own use any of your
Personal Information. Except as described in this Privacy Policy, we also do
not disclose to third-parties information about your visits to our Site.
Accordingly, there have been no sales of non-public Personal Information to
Third-Parties for their own use or further disclosure in the past twelve (12)
months. The Company does not knowingly collect and does not, and will not, sell
non-public Personal Information of minors under 16 years of age without first
obtaining affirmative authorization.
B. Sharing Personal Information with Clients Pursuant to Contracts Through
Which We Act as a Service Provider.
We may provide your Personal Information to our clients, typically credit
issuers or accounts receivable portfolio owners, that engage us as a Service
Provider, through a written contract, for the purpose of managing accounts
receivable portfolios or otherwise fulfilling our contractual responsibilities.
The types of Personal Information we may share with our clients include updated
contact information, financial, bank account or payment information, and
performance metrics.
C. Sharing Information with Our Affiliates and Service Providers.
We may share your Personal Information with our affiliates and other persons or
entities that we contract with to provide a material service, referred to as
Service Providers. Our Service Providers include collection service providers
such as collection agencies and law firms, location service providers, data
service or security providers, and technological support companies. In
connection with providing these business services to the Company, one or more
of our Service Providers may have access to identifying Information, such as
your name, address, or social security number. We restrict our Service
Providers from accessing or using your Personal Information for any purpose
other than as reasonably necessary to perform a business purpose that we
authorize in the contract, and your Personal Information will not be further
used by our Service Providers or disclosed to any Third Party.
D. Sharing Personal Information at Your Direction. We may share your Personal
Information with third parties to whom you or your agents authorize us in
advance to intentionally disclose to or allow to use your Personal Information
in connection with the services that we provide.
E. Sale of Our Company or Company Assets. In the event of a sale, assignment,
liquidation, or transfer of our assets or of any portion of our business, we
reserve the right to transfer any and all information that we collect to
unaffiliated third-parties in connection with that event.
F. Monitoring, Law Enforcement and Legal Requests. The Company has no
obligation to monitor the Site or the use of the Site or to retain the content
of any user session. However, we reserve the right, at all times, to monitor,
review, retain and/or disclose any information, as necessary, to satisfy any
applicable law, regulation, legal process or governmental request or to
cooperate with law enforcement and other authorities in investigating a claim
of illegal activity. We may use IP addresses to identify a user when we feel it
is necessary to protect the Site, our service, clients, potential clients or
others.
G. Our Internal Use and Research We reserve the full and unrestricted right to
use and disclose de-identified information; anonymized information; aggregated
information or publicly available information that has not been combined with
nonpublic Personal Information for purposes including, but not limited to, our
own internal use, data mining, analytics, and research. No mobile information
will be shared with third parties/affiliates for marketing/promotional
purposes.
V. How Do We Protect Your Personal Information?
The Company takes reasonable security procedures and practices appropriate to
protect Personal Information from loss, misuse, unauthorized access,
disclosure, alteration and destruction. We maintain physical, electronic and
procedural safeguards designed to protect against the unauthorized disclosure
of Personal Information, and Personal Information is disposed of properly and
securely utilizing industry standards. Our data security policies and practices
are periodically reviewed and modified as necessary, and subject to third party
assessments annually. ** THE INFORMATION BELOW APPLIES TO CALIFORNIA RESIDENTS
**
VI. Your Rights Under the California Consumer Privacy Act.
A. The CCPA And Personal Information.
The California Consumer Privacy Act ("CCPA"), effective January 1,
2020, grants privacy rights to California consumers in connection with their
Personal Information. Personal Information or "PI" is
"information that identifies, relates to, describes, is capable of being
associated with, or could reasonably be linked, directly or indirectly, with a
particular consumer or household." A consumer has rights regarding his/her
PI, including: o A right to know what PI is collected, used, shared or sold by
the business; o A right to access PI collected and retained by the business; o
A right to require businesses and, by extension, their service providers, to
delete PI, subject to certain exceptions; o A right to opt-out of the business'
sale of PI; and o A right to non-discrimination in terms of pricing or service
for choosing to exercise a privacy right under the CCPA.
B. Consumer Right to A Notice of Collection.
A business subject to the CCPA must, at or before the point of collection of
PI, inform a consumer as to the categories to be collected and the purposes for
which it shall be used. A service provider that receives or collects PI on
behalf of, or at the direction of, a covered business may not be required to
provide a notice of collection to the consumer.
C. Consumer Right to Know.
A covered business must disclose in its privacy policy the PI it has collected,
sold, or disclosed for a business purpose in the past 12 months. Collection: A
business must disclose the following in response to a verifiable request: o The
categories of PI the business has collected about the consumer; o The
categories of sources from which that PI was collected; o The business or
commercial purpose for collecting or selling PI; o The categories of third
parties with which the business shares PI; and o The specific pieces of PI the
business has collected about the consumer making the request; Sale: A business
that sells PI or discloses it for a business purpose must disclose, in response
to a verifiable request, the following: o The categories of PI collected about
the individual consumer o The categories of PI the business sold about the
individual consumer, and the categories of third parties to which it was sold.
Or, if the business has not sold any of the consumer's PI, it must state that
fact. o The categories of PI the business has disclosed about the individual
consumer for a business purpose. Or, if the business has not disclosed the
consumer's PI for a business purpose, it must state that fact.
D. Consumer Right to Delete.
A California consumer has the right to request that a covered business delete
his/her PI, subject to certain exceptions. Once a request is reasonably
verified by the covered business, the PI requested to be deleted must be
removed from the records held by that business. The business must also direct
its Service Providers with whom the information was shared to also delete the
information, unless it is subject to an exception. A request to delete may be
denied if retaining the information is necessary to:
1. Complete the transaction for which it collected the PI, provide a good or
service requested by the consumer, take action reasonably anticipated within
the context of the ongoing business relationship with the consumer, or
otherwise perform a contract with the consumer.
2. Detect security incidents, protect against malicious, deceptive, fraudulent,
or illegal activity, or prosecute those responsible for such activities.
3. Debug products to identify and repair errors that impair existing intended
functionality.
4. Exercise free speech, ensure the right of another consumer to exercise their
free speech rights, or exercise another right provided for by law.
5. Comply with the California Electronic Communications Privacy Act (Cal. Penal
Code § 1546 seq.).
6. Engage in public or peer-reviewed scientific, historical, or statistical
research in the public interest that adheres to all other applicable ethics and
privacy laws, when the information's deletion may likely render impossible or
seriously impair the research's achievement, if you previously provided
informed consent.
7. Enable solely internal uses that are reasonably aligned with consumer
expectations based on the consumer's relationship with the business.
8. Comply with a legal obligation.
9. Make other internal and lawful uses of the information that are compatible
with the context in which the consumer provided it.
E. Consumer Right to Non-Discrimination.
A business must not discriminate against a consumer who exercises CCPA rights.
A business may charge different prices or provide a different quality of goods
or services, but only if the difference is reasonably related to the value
provided to the consumer by the consumer's data. A business may offer financial
incentives to a consumer for the collection, sale, or deletion of personal
information on a prior, opt-in consent basis.
F. Consumer Right To Opt-Out.
A business that sells PI to third parties must provide notice to consumers,
clearly inform them of the right to opt out of the sale, and provide a "Do
Not Sell My Personal Information" link on its website that enables the
consumer to opt out of future sales. A business is prohibited from selling the
PI of a consumer the business knows is less than 16 years of age, unless (for a
child between 13 and 16 years of age) the child has affirmatively authorized
the sale or (for a child less than 13 years of age) the child's parent or
guardian has affirmatively authorized the sale. G. Privacy Policy Requirements.
A business must include the following in its privacy policy, to be updated
every 12 months: A description of consumer CCPA rights, including the right to
opt out of the sale of PI and a separate link to a "Do Not Sell My
Personal Information" internet webpage if the business sells PI; o The
method(s) by which a CCPA request can be submitted; and o A list of the
categories of PI the business has collected, sold, or disclosed for a business
purpose in the preceding 12 months.
VII. How Do I Exercise My CCPA Rights?
A. Instructions for Submitting A CCPA Consumer Rights Request to Us If you are
a California resident and wish to submit a CCPA Request to Grassy Sprain Group,
Inc., you may use one of the following methods: Call us (Toll-Free) at:
800-937-8068 Email us at info@purchasedebt.com Please be advised that we are
only required to respond to your request to know or access twice in any
12-month period. We are required to keep records of your CCPA request for at
least 24 months, including any assigned reference number, the request date and
nature of the request, the manner in which the request was made, the date and
nature of our response, and the basis for any full or partial denial.
B. Verification of The Person Making a Request.
We need to be reasonably sure that the person making the request about your PI
is you, or a representative authorized to make a request on your behalf. We
cannot comply with your request if we cannot verify your identity or your
authority to make a request for another person. Accordingly, we will ask for
information such as your full name, mailing address, last four digits or your
social security number, etc., to attempt to verify your identity and locate
your records, if any. To the extent possible, we will not ask you for new
information to verify your identity, but instead will request information that
we can cross-check against existing records. If we are unable to verify your
request without new information, we will delete the new information as soon as
practical after processing your CCPA request, except as may be required to
comply with the CCPA's record retention requirements. We will never require you
to create an account with us in order to verify your request, but if you
already have an account, we may use that information to assist with
verification. We will only use information you provide to us during the
verification process to try to verify your identity or your authority to make
the request for another person. Requests to access the specific pieces of
information we may hold, and not just a list of the categories of information,
require heightened verification procedures, and we will require you to submit a
written declaration under penalty of perjury stating that you are the consumer
whose PI is the subject of the request. In addition, certain pieces of
information, such as a social security number, driver's license number or other
government-issued identification number or financial account numbers, will not
be disclosed in response to a CCPA request. If you wish to authorize someone
else to act on your behalf in connection with your CCPA rights, we must receive
proof that this person is authorized to do so. Proof can be provided by a
consumer verifying his/her own identity directly with us and then providing
written authority for a designated person to act on the consumer's behalf, or
through receipt of a power of attorney or other legal documentation of
authority, or proof of registration with the California Secretary of State as a
designated representative of another consumer. You may also make a verifiable
consumer request on behalf of your minor child.
1. How and When Will We Respond?
Within 10 days of receipt of your request, we will provide an initial
confirmation with an assigned reference number. If you submit a Request to
Delete, we are required to re-confirm your choice to delete the information
after verifying your request, but prior to actual deletion. The Company strives
to provide a response within 45 days of receiving your request. If we need
additional time, we will let you know. We will send our response to your
request by U.S. mail or email, at your option. Any information we provide will
cover only the 12-month period preceding receipt of your request. If we cannot
respond to or comply with your Request to Know or Request to Delete, because,
for example, we cannot verify your identity or because an exception applies, we
will explain our reasoning and decision in our response. We do not charge a fee
to process your request unless it is excessive, repetitive, or manifestly
unfounded, and we have informed you in writing of the reasoning behind a charge
and its estimated cost. We will provide a cost estimate before completing your
request if we determine that a charge is warranted.
Click HERE to Print this Policy.
Last updated: 6/30/2024 |
|
|